bisecting cause commit starting from 2187f215ebaac73ddbd814696d7c7fa34f0c3de0
building syzkaller on 79b211f74b08737aeb4934c6ff69a263b3c38013
testing commit 2187f215ebaac73ddbd814696d7c7fa34f0c3de0 with gcc (GCC) 8.1.0
kernel signature: bdffe8216bcaf7d626967b261b8b8a2e368cec17
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: 96fe60ea03fe678862f00d2047a9a9ffee738c2b
all runs: OK
# git bisect start 2187f215ebaac73ddbd814696d7c7fa34f0c3de0 219d54332a09e8d8741c1e1982f5eae56099de85
Bisecting: 7060 revisions left to test after this (roughly 13 steps)
[8c39f71ee2019e77ee14f88b1321b2348db51820] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
testing commit 8c39f71ee2019e77ee14f88b1321b2348db51820 with gcc (GCC) 8.1.0
kernel signature: a0219f9ba24d277c6c0f858026c8b11e3cb468b7
all runs: OK
# git bisect good 8c39f71ee2019e77ee14f88b1321b2348db51820
Bisecting: 3517 revisions left to test after this (roughly 12 steps)
[1daa56bcfd8b329447e0c1b1e91c3925d08489b7] Merge tag 'iommu-updates-v5.5' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu
testing commit 1daa56bcfd8b329447e0c1b1e91c3925d08489b7 with gcc (GCC) 8.1.0
kernel signature: b460868de4caa6fb34bc517bac8ecabf4dab677e
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
# git bisect bad 1daa56bcfd8b329447e0c1b1e91c3925d08489b7
Bisecting: 1771 revisions left to test after this (roughly 11 steps)
[f88e2d1f8ec40854c684d73ecf1cf66d4c6dad35] drm/amdgpu: change read of GPU clock counter on Vega10 VF
testing commit f88e2d1f8ec40854c684d73ecf1cf66d4c6dad35 with gcc (GCC) 8.1.0
kernel signature: 2ad2d3f7cd023902a1a3037a278422ecc2173faa
all runs: OK
# git bisect good f88e2d1f8ec40854c684d73ecf1cf66d4c6dad35
Bisecting: 821 revisions left to test after this (roughly 10 steps)
[ddebe839c6013ab42f376bdeaaaf66bd0c0d68d6] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
testing commit ddebe839c6013ab42f376bdeaaaf66bd0c0d68d6 with gcc (GCC) 8.1.0
kernel signature: 3e34dfa4a5950157db610a1af08b49c486ba1be7
all runs: OK
# git bisect good ddebe839c6013ab42f376bdeaaaf66bd0c0d68d6
Bisecting: 408 revisions left to test after this (roughly 9 steps)
[d10032dd539c93dbff016f5667e5627c6c2a4467] Merge tag 'libnvdimm-for-5.5' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
testing commit d10032dd539c93dbff016f5667e5627c6c2a4467 with gcc (GCC) 8.1.0
kernel signature: afcb1142d075dd7679282ed5a594ab9d0e49febd
all runs: OK
# git bisect good d10032dd539c93dbff016f5667e5627c6c2a4467
Bisecting: 264 revisions left to test after this (roughly 8 steps)
[c3bfc5dd73c6f519ff0636d4e709515f06edef78] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
testing commit c3bfc5dd73c6f519ff0636d4e709515f06edef78 with gcc (GCC) 8.1.0
kernel signature: f74d69cc131e912ea69fc2609e6a53d8cb51efd6
all runs: OK
# git bisect good c3bfc5dd73c6f519ff0636d4e709515f06edef78
Bisecting: 132 revisions left to test after this (roughly 7 steps)
[12cc1c7345b6bf34c45ccaa75393e2d6eb707d7b] mm/memory_hotplug.c: remove __online_page_set_limits()
testing commit 12cc1c7345b6bf34c45ccaa75393e2d6eb707d7b with gcc (GCC) 8.1.0
kernel signature: 9c6b40fde4e358b20a63dd92b9f1396b9d484c9d
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
# git bisect bad 12cc1c7345b6bf34c45ccaa75393e2d6eb707d7b
Bisecting: 65 revisions left to test after this (roughly 6 steps)
[f07116d77b5b9a4fecdcb470fc6ea08378b98ff7] mm/vmalloc: respect passed gfp_mask when doing preloading
testing commit f07116d77b5b9a4fecdcb470fc6ea08378b98ff7 with gcc (GCC) 8.1.0
kernel signature: f5f509d8455d4d6172d9599f225f6d046a7f3191
all runs: OK
# git bisect good f07116d77b5b9a4fecdcb470fc6ea08378b98ff7
Bisecting: 32 revisions left to test after this (roughly 5 steps)
[0ac398b171aacd0f0c132d989ec4efb5de94f34a] mm: support memblock alloc on the exact node for sparse_buffer_init()
testing commit 0ac398b171aacd0f0c132d989ec4efb5de94f34a with gcc (GCC) 8.1.0
kernel signature: ded03ccd42667cb388177435bbfc0c47b617699e
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
# git bisect bad 0ac398b171aacd0f0c132d989ec4efb5de94f34a
Bisecting: 16 revisions left to test after this (roughly 4 steps)
[867e5e1de14b2b2bde324cdfeec3f3f83eb21424] mm: clean up and clarify lruvec lookup procedure
testing commit 867e5e1de14b2b2bde324cdfeec3f3f83eb21424 with gcc (GCC) 8.1.0
kernel signature: 05d66a29f9ec4cf6de2d345d8dbdcd51ec3e4d7e
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
# git bisect bad 867e5e1de14b2b2bde324cdfeec3f3f83eb21424
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[5e27a2df03b8933aa7c1579816ecb6a071bb0e0d] mm/page_alloc: add alloc_contig_pages()
testing commit 5e27a2df03b8933aa7c1579816ecb6a071bb0e0d with gcc (GCC) 8.1.0
kernel signature: a536a3291c3dd830ee0cd323eb2a4711a449a07a
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
# git bisect bad 5e27a2df03b8933aa7c1579816ecb6a071bb0e0d
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[3c5c3cfb9ef4da957e3357a2bd36f76ee34c0862] kasan: support backing vmalloc space with real shadow memory
testing commit 3c5c3cfb9ef4da957e3357a2bd36f76ee34c0862 with gcc (GCC) 8.1.0
kernel signature: 57e6e9b999d9417430e3e14c3eb485e7fe16fe83
all runs: OK
# git bisect good 3c5c3cfb9ef4da957e3357a2bd36f76ee34c0862
Bisecting: 1 revision left to test after this (roughly 1 step)
[eafb149ed73a8bb8359c0ce027b98acd4e95b070] fork: support VMAP_STACK with KASAN_VMALLOC
testing commit eafb149ed73a8bb8359c0ce027b98acd4e95b070 with gcc (GCC) 8.1.0
kernel signature: 0075c9737b06ebdd98664133efccfb6c9ecdb2c5
all runs: OK
# git bisect good eafb149ed73a8bb8359c0ce027b98acd4e95b070
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[0609ae011deb41c9629b7f5fd626dfa1ac9d16b0] x86/kasan: support KASAN_VMALLOC
testing commit 0609ae011deb41c9629b7f5fd626dfa1ac9d16b0 with gcc (GCC) 8.1.0
kernel signature: 86ab9edbf12d746ffa99270c2d1f03e51a9492f7
all runs: crashed: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
# git bisect bad 0609ae011deb41c9629b7f5fd626dfa1ac9d16b0
0609ae011deb41c9629b7f5fd626dfa1ac9d16b0 is the first bad commit
commit 0609ae011deb41c9629b7f5fd626dfa1ac9d16b0
Author: Daniel Axtens <dja@axtens.net>
Date:   Sat Nov 30 17:55:00 2019 -0800

    x86/kasan: support KASAN_VMALLOC
    
    In the case where KASAN directly allocates memory to back vmalloc space,
    don't map the early shadow page over it.
    
    We prepopulate pgds/p4ds for the range that would otherwise be empty.
    This is required to get it synced to hardware on boot, allowing the
    lower levels of the page tables to be filled dynamically.
    
    Link: http://lkml.kernel.org/r/20191031093909.9228-5-dja@axtens.net
    Signed-off-by: Daniel Axtens <dja@axtens.net>
    Acked-by: Dmitry Vyukov <dvyukov@google.com>
    Reviewed-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
    Cc: Alexander Potapenko <glider@google.com>
    Cc: Christophe Leroy <christophe.leroy@c-s.fr>
    Cc: Mark Rutland <mark.rutland@arm.com>
    Cc: Vasily Gorbik <gor@linux.ibm.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

 arch/x86/Kconfig            |  1 +
 arch/x86/mm/kasan_init_64.c | 61 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)
culprit signature: 86ab9edbf12d746ffa99270c2d1f03e51a9492f7
parent  signature: 0075c9737b06ebdd98664133efccfb6c9ecdb2c5
revisions tested: 16, total time: 3h35m8.660965565s (build: 1h37m54.552580191s, test: 1h55m58.057902576s)
first bad commit: 0609ae011deb41c9629b7f5fd626dfa1ac9d16b0 x86/kasan: support KASAN_VMALLOC
cc: ["akpm@linux-foundation.org" "aryabinin@virtuozzo.com" "dja@axtens.net" "dvyukov@google.com" "torvalds@linux-foundation.org"]
crash: BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify
BUG: unable to handle page fault for address: fffff52000800000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 21ffee067 P4D 21ffee067 PUD aa51b067 PMD a897a067 PTE 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8361 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:xfs_sb_quiet_read_verify+0x40/0x90 fs/xfs/libxfs/xfs_sb.c:734
Code: c7 30 01 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 75 5e 4c 8b a3 30 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 30 41 81 3c 24 58 46 53 42 74 19
RSP: 0018:ffffc90002db7a58 EFLAGS: 00010a06
RAX: dffffc0000000000 RBX: ffff8880945e0940 RCX: 0000000000000000
RDX: 1ffff92000800000 RSI: 0000000000000000 RDI: ffff8880945e0a70
RBP: ffffc90002db7a68 R08: ffffed1015d67045 R09: ffffed1015d67045
R10: ffffed1015d67044 R11: ffff8880aeb38223 R12: ffffc90004000000
R13: ffffffff87b86de0 R14: 0000000000100008 R15: ffff8880945e0b74
FS:  00007efe0a504700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffff52000800000 CR3: 00000000a9aa6000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 xfs_buf_ioend+0x3a1/0xa30 fs/xfs/xfs_buf.c:1162
 __xfs_buf_submit+0x293/0xa90 fs/xfs/xfs_buf.c:1488
 xfs_buf_submit fs/xfs/xfs_buf.h:269 [inline]
 xfs_buf_read_uncached+0x13a/0x440 fs/xfs/xfs_buf.c:897
 xfs_readsb+0x28d/0x500 fs/xfs/xfs_mount.c:298
 xfs_fs_fill_super+0x7f3/0x14c0 fs/xfs/xfs_super.c:1640
 mount_bdev+0x278/0x330 fs/super.c:1415
 xfs_fs_mount+0x10/0x20 fs/xfs/xfs_super.c:1805
 legacy_get_tree+0x101/0x1f0 fs/fs_context.c:647
 vfs_get_tree+0x86/0x2d0 fs/super.c:1545
 do_new_mount fs/namespace.c:2822 [inline]
 do_mount+0x1270/0x1b60 fs/namespace.c:3142
 ksys_mount+0xba/0xe0 fs/namespace.c:3351
 __do_sys_mount fs/namespace.c:3365 [inline]
 __se_sys_mount fs/namespace.c:3362 [inline]
 __x64_sys_mount+0xb9/0x150 fs/namespace.c:3362
 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45d36a
Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:00007efe0a503a68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045d36a
RDX: 00007efe0a503ae0 RSI: 0000000020000000 RDI: 00007efe0a503b00
RBP: 000000000075bf20 R08: 00007efe0a503b40 R09: 00007efe0a503ae0
R10: 000000000000c011 R11: 0000000000000246 R12: 00007efe0a5046d4
R13: 00000000004cae6d R14: 00000000004e4490 R15: 00000000ffffffff
Modules linked in:
CR2: fffff52000800000
---[ end trace 0c04e05df201ef03 ]---
RIP: 0010:xfs_sb_quiet_read_verify+0x40/0x90 fs/xfs/libxfs/xfs_sb.c:734
Code: c7 30 01 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 75 5e 4c 8b a3 30 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 30 41 81 3c 24 58 46 53 42 74 19
RSP: 0018:ffffc90002db7a58 EFLAGS: 00010a06
RAX: dffffc0000000000 RBX: ffff8880945e0940 RCX: 0000000000000000
RDX: 1ffff92000800000 RSI: 0000000000000000 RDI: ffff8880945e0a70
RBP: ffffc90002db7a68 R08: ffffed1015d67045 R09: ffffed1015d67045
R10: ffffed1015d67044 R11: ffff8880aeb38223 R12: ffffc90004000000
R13: ffffffff87b86de0 R14: 0000000000100008 R15: ffff8880945e0b74
FS:  00007efe0a504700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffff52000800000 CR3: 00000000a9aa6000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400